Question
a. Gathering information by interacting with target systems
b. Gathering information from third-party sources without interacting with the target's systems and networks
c. Scanning and querying network devices actively
d. Interacting with services to determine their capabilities
Posted under CompTIA PenTest+ Certification Exam PT0 002
Q. What is passive reconnaissance, often referred to as open source intelligence (OSINT)?
Similar Questions
Discover Related MCQs
Q. What is an example of a technique used in active reconnaissance?
Q. What is described as an important element of active reconnaissance in information gathering?
Q. Why is information gathering considered the foundation for each successive phase of a penetration test?
Q. What is a skill that successful penetration testers must possess in relation to information gathering?
Q. What is the primary characteristic of passive information gathering (OSINT)?
Q. What types of information can be gathered as part of an OSINT effort in passive information gathering?
Q. What does enumeration provide for penetration testers?
Q. What is the purpose of active reconnaissance in a penetration test?
Q. What is an important aspect of understanding how to gather information about applications in penetration tests?
Q. Megan runs the following Nmap scan:
nmap -sU -sT -p 1-65535 example.com
What information will she not receive?
Q. Tom wants to find metadata about an organization using a search engine. What tool from the following list should he use?
Q. After running an Nmap scan of a system, Zarmeena discovers that TCP ports 139, 443, and 3389 are open. What operating system is she most likely to discover running on the system?
Q. Charles runs an Nmap scan using the following command:
nmap -sT -sV -T2 -p 1-65535 example.com
After watching the scan run for over two hours, he realizes that he needs to optimize the scan. Which of the following is not a useful way to speed up his scan?
Q. Karen identifies TCP ports 8080 and 8443 open on a remote system during a port scan. What tool is her best option to manually validate the services running on these ports?
Q. Angela recovered a PNG image during the early intelligence-gathering phase of a penetration test and wants to examine it for useful metadata. What tool could she most successfully use to do this?
Q. During an Nmap scan, Casey uses the -O flag. The scan identifies the host as follows:
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 - 2.6.33
What can she determine from this information?
Q. What is the full range of ports that a UDP service can run on?
Q. Steve is working from an unprivileged user account that was obtained as part of a penetration test. He has discovered that the host he is on has Nmap installed, and he wants to scan other hosts in his subnet to identify potential targets as part of a pivot attempt. What Nmap flag will Steve probably have to use to successfully scan hosts from this account?
Q. Which of the following provides information about a domain’s registrar and physical location?
Q. Chris runs an Nmap scan of the 10.10.0.0/16 network that his employer uses as an internal network range for the entire organization. If he uses the -T0 flag, what issue is he likely to encounter?